The Frontier

BITCOIN

Bitcoin faces 5-year quantum threat, developers rush Shrimps and QSB

Saturday, April 11, 2026 · from 5 podcasts, 6 episodes
  • A cryptographically relevant quantum computer has a 50% chance of arriving by 2033, threatening to seize Bitcoin mid-transaction.
  • Developers propose competing upgrades: Blockstream’s Shrimps signatures and Starkware’s Quantum Safe Bitcoin via hash puzzles.
  • Bitcoin’s governance crisis leaves it unable to coordinate the total mobilization required for a post-quantum migration.

The timeline for a quantum attack on Bitcoin’s cryptography is shrinking, moving from a vague distant threat to a probable 5-to-10 year window. On What Bitcoin Did, Alex Pruden estimated a 50% chance a relevant machine emerges by 2033, with 2029 as a plausible early outlier.

Google’s Willow paper demonstrated below-threshold error correction, and an Oratomic paper theorized an attack architecture needing only 10,000 physical qubits - a collapse from previous million-qubit estimates. “This doesn't just mean we are walking toward the goal; the goal is moving toward us,” Pruden argued.

"Google’s recent Willow paper changed the math. Researchers demonstrated below-threshold error correction, proving that adding physical qubits can actually reduce system errors."

- Alex Pruden, What Bitcoin Did

The threat isn't just to dormant coins. Roughly 6 million BTC, including Satoshi's, are stored with exposed public keys. But the existential risk is a “fast-clock” machine that can derive a private key in under ten minutes, enabling an “on-spend” attack to front-run transactions from the mempool. On Bankless, Nic Carter warned this breaks the fundamental assumption that knowing a key equals owning the money.

Developers are scrambling for solutions. Blockstream’s Jonas Nick is pitching “Shrimps,” a stateful post-quantum signature scheme where signatures are 350 bytes on a primary device but balloon to 8 kilobytes if state is lost. This trades localized user risk for systemic network efficiency.

Conduition highlighted isogeny-based cryptography as an alternative that preserves Bitcoin features like BIP32 derivation, though verification is 50 times slower than Schnorr. On Stacker News Live, the argument was that the community must start testing now, as a rushed, panicked migration would turn the mempool into a riot.

"The threat isn't a sudden, quiet drain of all wallets. It is the market panic that precedes it. If a government-scale actor builds a functional quantum computer, they only need to trigger a 'mad dash for the exit' to break the network’s liquidity."

- Stacker News Live

Starkware’s Ava Hu Levy proposed “Quantum Safe Bitcoin,” a scheme using hash puzzles that works within current Bitcoin script, albeit with $150 fees and requiring direct miner transmission. Bitcoin And host David Bennett argued this is still preferable to a fork that would lack the original chain’s hash rate.

Bitcoin’s greatest vulnerability may be social, not technical. Carter warned on Bankless that Bitcoin’s governance, built for peacetime and doing nothing, is spectacularly unsuited to the total mobilization required. He predicts that if the community can’t coordinate, major custodians like BlackRock and Coinbase will dictate a canonical fork, likely burning Satoshi’s coins to protect market value. The race is no longer just against physics, but against Bitcoin’s own inability to act.

Source Intelligence

What each podcast actually said

CIA AI, Bitcoin Quantum Defense, and Tether AI Toolkit | Bitcoin News · Apr 10

  • Starkware developer Ava Levy proposed Quantum Safe Bitcoin, a scheme making transactions quantum-resistant without soft forks by replacing ECDSA reliance with hash functions.
  • The QSB scheme requires using services like Slipstream for direct miner transmission because transactions exceed standard network relay limits, posing a practical barrier for average users.
  • X402 protocol transaction volume peaked at 13.7 million in a week in November but plunged to just 112,700 weekly transactions by the last week of March.
  • World Liberty Financial, co-founded by the Trump family, used nearly 2 billion of its own WLFI tokens as collateral on Dolomite, borrowing $31.4 million in stablecoins and creating concentrated risk for other depositors.
  • Tether CEO Paolo Ardoino argues centralized AI is a dead end due to speed-of-light latency and single points of failure, positioning QVAC as a building block for a decentralized 'stable intelligence era'.
  • The Royal Government of Bhutan has sold over 70% of its Bitcoin holdings this year, moving out $233 million worth and reducing its stash from a peak of nearly 13,000 BTC to around 3,770 BTC.
  • Bitcoin network hashrate held at 952 exahashes per second with 33,000 unconfirmed transactions and an average fee of 0.02 BTC per block at the time of reporting.

Also from this episode:

AI & Tech (3)
  • The Central Intelligence Agency plans to embed AI coworkers into its analytic platforms within a couple of years to assist with drafting reports, testing conclusions, and identifying intelligence trends.
  • CIA Deputy Director Michael Ellis stated the agency's AI adoption is partly to counter China's narrowed technological innovation gap with the U.S., which he said was significant five to ten years ago.
  • The CIA reviewed 300 different AI projects last year for tasks like processing large datasets and language translation, and created its first intelligence report using AI.
AI Infrastructure (2)
  • Coinbase upgraded its X402 protocol to enable usage-based pricing for AI compute, replacing a flat fee model, and transferred protocol ownership to the nonprofit Linux Foundation.
  • Tether launched QVAC SDK, an open-source toolkit for building local, offline AI apps that runs on iOS, Android, Windows, Mac, and Linux without cloud servers.

Quantum Salvage | Bitcoin News · Apr 9

  • Bernstein analysts led by Gautam Chughani estimate Bitcoin has a three to five year window to implement post-quantum security, framing it as a scheduled evolution rather than a crisis.
  • Google research estimates a future quantum machine could break Bitcoin's elliptic curve cryptography with under 500,000 physical qubits, a 20x reduction from prior estimates.
  • Bernstein notes scaling quantum computers to attack levels would require breakthroughs in hardware and error correction, potentially costing tens to hundreds of billions of dollars.
  • Bernstein identifies approximately 1.7 million BTC in Satoshi-era wallets with permanently visible public keys as the highest exposure segment to a quantum attack.
  • Nic Carter's fiction piece 'Trillion Dollar Salvage' explores a scenario where a quantum attack on exposed Bitcoin leads the US government to seize coins under maritime salvage law, testing Bitcoin's social consensus.
  • Roast Beef of Lightning Labs developed a prototype tool allowing wallet recovery via proof-of-ownership during a quantum emergency upgrade, generating a proof in 55 seconds and verifying it in under 2 seconds on a MacBook.
  • Developer Robert Graham argues Adam Back and Satoshi Nakamoto's C++ coding styles are completely different, with Back's resembling academic Unix code and Satoshi's that of a professional Windows programmer, contradicting the New York Times' linguistic analysis.
  • BitMEX co-founder Ben Delo donated $5.4 million to Nigel Farage's Reform UK party, a move Bennett suggests may fuel UK political efforts to ban crypto donations.
  • Arthur Hayes is skeptical of reports Iran is collecting Bitcoin tolls from oil tankers, demanding on-chain proof and calling it IRGC theater until verified.
  • Nunchuk released open-source tools for AI agents to interact with Bitcoin wallets using a bounded authority model, where agents operate within user-set spending caps and approval policies.

Also from this episode:

BTC Markets (1)
  • David Bennett reports the Morgan Stanley Bitcoin Trust (MSBT) raised $33.9 million on its first trading day, trading over 1.6 million shares.
AI & Tech (1)
  • Visa unveiled 'Intelligent Commerce Connect', a platform for AI-driven autonomous shopping that supports tokenized payments and is compatible with major AI agent protocols.
What Bitcoin Did

Peter McCormack

Is the Quantum Threat to Bitcoin Actually Real? | Alex Pruden · Apr 9

  • Alex Pruden estimates a 50% chance a cryptographically relevant quantum computer capable of breaking Bitcoin will exist by 2033, potentially as early as 2029.
  • A quantum computer breaks Bitcoin by solving the discrete logarithm problem to derive private keys from public keys. A slow machine threatens only exposed public keys, while a fast one could front-run transactions from the mempool.
  • Roughly 6 million Bitcoin currently reside in UTXOs with exposed public keys, making them immediately vulnerable to a slow-clock quantum attack.
  • Recent quantum computing papers from Google and Oratomic lowered the resource estimates for breaking elliptic curve cryptography by orders of magnitude, moving the goalposts closer.
  • Pruden argues Bitcoin should start implementing and testing post-quantum cryptography now to avoid a rushed, forced migration later. He views a multi-year consensus and deployment process as inevitable.
  • BIP 360 is a first step toward quantum resistance but is insufficient. Pruden advocates for deploying multiple candidate algorithms on testnets now to understand real-world trade-offs like signature size and speed.
  • A quantum attack may not be detectable; stolen coins could look like a routine hack. Pruden argues Bitcoin is a uniquely attractive target due to its irreversible settlement and potential for immediate profit.
  • Migrating all Bitcoin UTXOs to post-quantum addresses would take 75-100 days if the network were dedicated solely to migration, or about a year with a more practical allocation of block space.
  • The community is split on whether to burn 'lost' coins like Satoshi's during a migration. Pruden leans toward burning for economic health but acknowledges the profound property rights dilemma.
  • Standardized post-quantum algorithms are based on hash functions or lattice problems, with no guarantee they will remain unbroken. This underscores the need for long-term cryptographic agility.

Also from this episode:

AI & Tech (2)
  • Google's Willow paper in 2024 demonstrated below-threshold error correction, proving error rates can decrease as more physical qubits are added. This was a key theoretical breakthrough for scalability.
  • Neutral atom quantum computers have progressed from zero physical qubits to arrays of thousands in five years. The Oratomic paper theorized an architecture needing only 10,000 physical qubits for a slow-clock attack.

Bitcoin Optech: Newsletter #399 Recap · Apr 7

  • Jonas Nick details Shrimps, a post-quantum hash-based signature scheme where signatures are 350 bytes on a primary stateful device. If that device is lost, imported devices produce 2.5 kilobyte signatures, with a final 8 kilobyte fallback for catastrophic failure.
  • Shrimps and its predecessor Shrinks require wallets to be stateful, tracking an incrementing integer for each public key to count signatures. If this state is lost or corrupted, security breaks and the wallet must use a large fallback signature.
  • Conduition highlights isogeny-based cryptography as a promising post-quantum candidate because its structure allows key re-randomization. This enables BIP32-like hierarchical key derivation and Taproot-like key tweaking, features hash-based and lattice-based schemes struggle to replicate.
  • SkiSign, an isogeny-based signature scheme, has 65-byte public keys and 148-byte signatures. Verification is about 50 times slower than Schnorr or Dilithium, posing a potential bottleneck for full block validation.
  • Conduition notes isogeny cryptography relies on the supersingular isogeny path problem, a newer but well-studied assumption. He cautions that schemes like SkiSign and PRISM have complementary security proofs, making it hard to prove both secure simultaneously.
  • Armin describes how wallet fingerprints - artifacts like signature grinding, SIGHASH flags, and nSequence values - can break PayJoin privacy. Analysts can partition transaction inputs between sender and receiver by spotting inconsistent behaviors between collaborating wallets.
  • Explicitly stating SIGHASH_ALL in Taproot signatures is a wasteful bug that creates a fingerprint. Since Taproot defaults to SIGHASH_ALL, including the byte adds unnecessary transaction weight and identifies non-compliant wallets.
  • BIPs 440 and 441, part of the "script restoration" effort, are now published. BIP 440 proposes a VAR Ops budget for limiting script complexity, while BIP 441 proposes re-enabling disabled opcodes like OP_CAT within a new Tapscript version.
  • Pais proposes BIP 2130, a standard for wallet backup metadata formats. It aims to create an interoperable way to export and import not just descriptors, but full wallet state including labels, transaction history, and coin data.
  • Eclair 3269 adds automatic liquidity reclamation, closing idle redundant channels. It reduces relay fees over time and closes a channel if, after five days at minimum fee, payment volume stays below 5% of capacity and the local balance is over 25%.
  • LDK adds support for zero-channel-reserve channels, primarily for LSP-user relationships. This lets users commit their full on-chain balance to a channel, shifting the trust and risk onto the service provider.
  • LND implements proper MuSig2 nonce handling and RBF support for cooperatively closing simple Taproot channels. The update hardens the protocol against nonce reuse, which could expose private keys.

Bitcoin Has 3 Years to Survive | Nic Carter on Bitcoin’s Quantum Vulnerability · Apr 6

  • Bitcoin's governance is spectacularly unsuited to the quantum threat, which requires total mobilization for core infrastructural change under an uncertain timeline.
  • The Google and Oratomic papers published improved resource estimates for breaking Bitcoin's ECDSA cryptography, indicating the threat is closer than previously thought. The hardware does not yet exist.
  • A short-range 'on-spend' attack could intercept a Bitcoin transaction in as little as nine minutes using the improved algorithms, forcing the entire network to be post-quantum before the computer is built.
  • Google has accelerated its internal post-quantum transition timeline to 2029, while the U.S. government targets 2030-2035 for critical functions.
  • Transitioning Bitcoin to post-quantum cryptography is complex, requiring consensus on a signature scheme, a coordinated migration of all addresses, and a decision on dormant coins.
  • Post-quantum signature schemes are much larger than current ones, requiring a likely uncontroversial block size increase to accommodate the 10x to 1000x increase in transaction data.
  • The Google paper estimates 6.9 million Bitcoin are vulnerable to long-range quantum attacks, with 2.3 million considered permanently unmovable Satoshi or lost coins.
  • Nic Carter predicts Bitcoin's largest custodians and exchanges will eventually demand a fork where the unmovable Satoshi coins are burned, establishing that as the canonical BTC.
  • Carter's preferred solution uses salvage law, where a trusted entity recovers vulnerable coins and holds them in trust for their original owners, with a finder's fee, rather than protocol-level burning.
  • Ethereum is seen as more proactive on the quantum threat, having a published roadmap and an advantage as it has not hyper-optimized around small signatures like some high-performance chains.

Also from this episode:

AI & Tech (1)
  • The authors of the Google paper suggest a fast takeoff model for quantum computing, where significant prior notice before a cryptographically relevant quantum computer exists is unlikely.

SNL #218: Where you sitting...Good Friday · Apr 6

  • Siru's Bitcoin data project investigated Foundry's 7-consecutive-block streak, which occurred alongside a two-block reorg. The analysis, using data from the BOK project and Wumbo's node archives, suggests consecutive blocks happen more frequently than expected due to block latency, where co-located miners receive block headers faster.
  • Bitprojects.io demonstrated that Bitcoin node count is easily 'sybillable' by simulating over 3,000 nodes on minimal hardware. The project aimed to show that node count is an unreliable metric for social consensus or soft fork signaling; its shutdown caused a 'huge uptick' in incoming connections for other nodes.

Also from this episode:

Adoption (3)
  • Stacker News, a Bitcoin front page platform, features `txrush.com` and `truckyard.live` which visualize Bitcoin mempool transactions as highway traffic or spacecraft, pulling data from the mempool. Carl suggested these could be useful as phone widgets.
  • The Unboiled family, who live nomadically and attempt to transact predominantly in Bitcoin, tracks 'SATs inflation' based on their spending on essentials in South Africa. They reported a period of 'SATs deflation' where costs were lower by 11% for electricity, 8% for fuel, and 5% for milk.
  • Supratic outlined several privacy attacks on Lightning, emphasizing that blinded paths improve privacy but are not a 'magic shield' against tracing. These attacks include CLTV correlation, graph analysis on small nodes, payment probing, introduction, and node visibility.
AI & Tech (4)
  • The New York Times is blocking the Internet Archive from archiving its articles, citing protection against AI scraping. Keon argues this strategy, while aiming for short-term subscriber growth, will harm the NYT's long-term relevance by excluding its content from AI training data and future search results.
  • OpenAI acquired the popular podcast network TBPN, with CEO Sam Altman stating it was due to liking the show and not for promotional purposes. Keon speculates the acquisition might instead aim to subtly shape tech narratives favorable to OpenAI, similar to the Bezos-Washington Post acquisition.
  • Japanese and US companies formed the Portsmouth Consortium under a strategic trade agreement to develop AI infrastructure and power generation in Piketon, Ohio. The project plans to invest $500 billion to build a data center with a 9.2 GW capacity, leading Blockchain Boo to predict potential government bailouts given the scale of the AI race.
  • Carl and Keon debate the implications of free and abundant intelligence, with Keon suggesting it will only shift humanity's bottlenecks rather than solving all problems. Carl argues that with intelligence addressed, humanity's focus would shift to virtues, love, and internal well-being, aspects that artificial intelligence cannot fulfill.
Science (1)
  • Recent quantum computing breakthroughs, including Caltech's advancements in quantum operations and Google's implementation of Shor's algorithm with an order of magnitude fewer qubits, do not fundamentally alter the timeline for breaking elliptic curve cryptography. Scott Aaronson, an independent expert, suggests they might slightly shorten the indeterminate timeline, which could still be 5-10 years or longer.